SCCM or Intune What to USE Microsoft Endpoint Manager Choose what's right for you There are a few ways to determine what's right for your organization. Your next steps depend on what your organization does. Consider what you're trying to achieve. For example: If you constantly provision new devices, then start with Windows Autopilot. If you add rules and control settings for your users, apps, and devices, then start with Intune. If you currently use Configuration Manager to deploy apps, and want to use conditional access based on security requirements, then start with co-management. If you currently use Configuration Manager and are responsible for keeping Windows 10 devices up-to-date, then start with Desktop Analytics. If you're getting started with MDM and MAM, or use ADMX templates to control Office, Microsoft Edge, and Windows settings, then start with Intune. You can also think of Endpoint Manager in three parts: cloud, on-premises, and cloud + on-premises: Cloud: All data is stored in Azure. And, no more data centers. This approach gives you the mobility benefits of the cloud, and the security benefits of Azure. On-premises: If you have an on-premises infrastructure that includes Configuration Manager, or aren't ready to use the cloud, then you can keep your existing systems. Cloud + on-premises: Many environments are mixed, and use a cloud-attach approach. Meaning they use a combination of cloud and on-premises. For new devices, use the benefits of Intune to access and protect data. If you use Configuration Manager, connect to the cloud for additional functionality and analytics. If you want to move some workloads to the cloud, then co-management is a good option. INTUNE PROS Cloud native Strong in mobile device management (MDM) Good at light-weight, smaller applications on mobile devices or mobile OS. Auto provisioning of systems – with Microsoft Intune and Autopilot, you can give new devices to your end users without the need to build, maintain, and apply custom operating system images to the devices. When you use Intune to manage Autopilot devices, you can manage policies, profiles, apps after end users are enrolled INTUNE CONS Narrow focus on mobile devices; not a full systems-management platform Doesn’t support server-side applications Not intended for large applications Doesn’t have the feature-set to handle complex package deployments Incurs egress or monthly usage fees based on the volume of data transmitted – software deployment is often a reactive activity based on the software provider updates; usage fees add up and get more expensive over time Challenges in planning – difficult to predict the number or size of software updates that will occur over time, especially in an environment where most applications are going cloud native with a higher frequency of updates